As of February 1, 2018, Pardot will offer SSL for the Vanity Domain (CNAME) you use with your Pardot assets. This is great news. This feature has been requested for many years.
Even more exciting, according to Pardot Product Manager Heather Stables, this will be available for all Pardot customers:
This means you will soon be able to use a secure, branded URL when presenting Pardot assets to your prospects. From secure form submission (on your own URL) to file hosting, this is a welcome change.
How Pardot Vanity Domain works
Pardot assets are not stored on your website – they are stored on Pardot’s servers. This means your assets are accessed with a Pardot URL.
This is an ugly URL, and not in keeping with your own company branding. An observant customer might see the URL and think, “Who is this Pardot company? This must be a scam.” They might navigate away from your website or not click your email because it does not seem secure.
To combat this, and to enhance your branding, Pardot has always provided the feature of using your own Vanity Domain. This is a CNAME which you set up with your web team during Pardot implementation.
The Vanity Domain gives you a customized URL, with your own company’s branding. You can turn that ugly Pardot URL into a branded custom URL.
This is an improvement. The URL is branded, and appears as a real item from your company.
But the URL does not offer any security – the URL is an http, not an https (secure).
Why an SSL Vanity Domain is important for you
Google gives SEO priority to web pages with https in the URL, and many websites have been converted to https to get this SEO bump.
A problem arises with embedding Pardot forms into your website. Whenever Pardot gives you a snippet of code to easily embed your form, the snippet of code uses your Vanity Domain. This means you are embedding your Pardot form using an insecure URL (http, not https).
Because your form uses an insecure URL (http), but your overall website is secure (https), you have just caused what is called a ‘mixed media error.’ You want to avoid it whenever possible.
The mixed media will cause many web browsers to alert the visitor that the page is not secure. There is no padlock in the address bar – it may show an exclamation point or an information circle.
The historical method of securely linking to Pardot assets has been to use Pardot’s own secure URL during the embed.
This has worked fine, but is not exactly intuitive. It is easy to forget to use the https version of your Pardot asset, and can cause extra work to go back and fix it.
One exception has been Pardot Landing Pages. Unfortunately, there was never a good way to use an SSL vanity domain on your Pardot-hosted Landing Pages. This update coming in February should change that.
Costs for secure Vanity Domain
The blog post indicates it will be quick to implement the SSL for your Vanity Domain on Pardot.
Since it is risky and difficult for the average user to request and pass an SSL certificate, Pardot will be requesting the certificate and hosting it for you.
In the Pardot Trailblazer Community, Heather Stables noted that the certificates will be available from their approved company Let’s Encrypt, and there will not be an additional cost for Pardot customers.
See more from their blog post announcing SSL for Vanity Domains, and from the Ideas forum.
Need help with configuring your Pardot account? Contact us for options.